"Exposed Database Reveals 100K+ Compromised Facebook Accounts"

Researchers have discovered an exposed ElasticSearch database used by cybercriminals that revealed a global attack that compromised Facebook accounts. The unsecured database was used by fraudsters to store the usernames and passwords of at least 100,000 victims.  The adversaries behind the scam were tricking Facebook victims into providing their account login credentials by using a tool that pretended to reveal who was visiting their profiles.  The adversaries then used the stolen login credentials to share spam comments on Facebook posts via the victim's hacked account, directing people to their network of scam websites.  These fake websites all eventually led to a fake Bitcoin trading platform.

Threatpost reports: "Exposed Database Reveals 100K+ Compromised Facebook Accounts"

Submitted by Anonymous on